3 User-centric Identity Management
Recent trend in identity management systems
Advantage
– User can choose appropriate credentials flexibly
Disadvantage
– Users are expected to be more responsible for their online identity usage
Users need to have more robust control over and awareness of identity credential usage.

15 Summary of Security Analysis
None of local IdA, remote IdA, monitoring agent, and storage token is a single point of attack.
Monitoring agent is still effective even when both local and remote IdAs are compromised.
Eavesdropping of messages to monitoring agent does not leak sensitive information.
Storage Token does not require fancy security features.

17 Recovery and Availability
Recovery can be done by creating a new instance by re-generating key shares
– No CA or IdP needs to be involved
Missing storage token
– Monitoring agent works in place of it
Disabled Monitoring agent
– Users can use services by using storage token
Disabled local IdA
– Key shares available from a remote IdA, monitoring agent, storage token are enough.